Using openssl

MichaelInDC · March 8, 2011, 11:19am

All,

I am new to openssl and I have not been able to figure out exactly how to use it. What I need to do is to create a shell script which FTPS's (SFTP is not allowed on my project) a file to a mainframe. The mainframe will not initiate a session with my server.

Question. Are the packages that come with Solaris 10 all I need to do this, or do I need to install some 3rd party application as well? If what comes with Solaris is enough, then how do I script this?

Below is my server and package info.

SunOS lib56t31 5.10 Generic_141444-09 sun4v sparc SUNW,T5240

system SUNWopenssl-commands OpenSSL Commands (Usr)
system SUNWopenssl-include OpenSSL Header Files
system SUNWopenssl-libraries OpenSSL Libraries (Usr)
system SUNWopenssl-man OpenSSL Manual Pages
system SUNWopensslr OpenSSL (Root)

Any help you could give me would be greatly appreciated.

Michael

DGPickett · March 8, 2011, 1:59pm

Open SSL contains cleints and servers for scp, ssh, sftp and support for https. If your target mainframe has ssh daemons running, then you can move data with scp, sftp or ssh clients! I would scp. You cannot use it for ftp per se, not even through a tunnel.

MichaelInDC · March 8, 2011, 2:38pm

The mainframe does not allow for ssh. Only FTPS.

Corona688 · March 8, 2011, 2:52pm

FTP with SSL support is not part of openssl. You may need to install a third-party application.

DGPickett · March 8, 2011, 3:09pm

FTPS might be SFTP, IBM being persistently and patologically ignorant of standards, but no, they reinvented that wheel:

FTPS - Wikipedia, the free encyclopedia

A very forgettable fact unless your are getting some of that IBM flavored money.

Well, lftp might be your ticket, gftp seems to be graphical X interactive, but nice to have for prod support.

Freeware List for SPARC and Solaris 10

I never seem to be root, so I a no pkg fan, but they are available:

Freeware List for SPARC and Solaris 10

Curl is real nice for batch, just make a URL and go:

Freeware List for SPARC and Solaris 10
Freeware List for SPARC and Solaris 10

MichaelInDC · March 8, 2011, 6:35pm

Thanks to you both for your responses.

DG, I will look into the products you mentioned.

Jakob · March 12, 2011, 1:55am

Correct.

When dealing with FTP in general, don't expect the most secure solution.

DGPickett · March 14, 2011, 11:28am

I'd say ftp is always insecure like rcp, telnet but scp, sftp and ftps all use secure socket layer that comes in open ssl. It is the plain text unencrypted on the tcp layer that is insecure. The ssl slips in encryption and sometimes pre-compression, which is secure.